Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Rethink context objects #637

Open
sanket1729 opened this issue Aug 2, 2023 · 2 comments
Open

Rethink context objects #637

sanket1729 opened this issue Aug 2, 2023 · 2 comments

Comments

@sanket1729
Copy link
Member

As of latest secp master, there are a few things that we can take advantage of in the rust ecosystem.

Notes pasted from CHANGELOG.

  • Forbade randomizing (copies of) secp256k1_context_static. Randomizing a copy of secp256k1_context_static did not have any effect and did not provide defense-in-depth protection against side-channel attacks. Create a new context if you want to benefit from randomization.
  • Deprecated context flags SECP256K1_CONTEXT_VERIFY and SECP256K1_CONTEXT_SIGN. Use SECP256K1_CONTEXT_NONE instead.

Few suggestions to get things started:

  • Remove context altogether. Create a context as static Option. We can use crates like ctor or implement our own racy initialization with atomics. Contexts are really annoying as they leak everywhere in function signatures.
  • We can also keep two versions for each API. One with context param and one without.
  • Remove all randomization from the code and simplify our API? People may strong opinions here.
@apoelstra
Copy link
Member

cc #388

@tcharding
Copy link
Member

tcharding commented Aug 2, 2023

First item from suggestions is WIP in #605

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants